...
The user invoking the install script MUST have permission to the MyProjectNamespace, otherwise the install will fail. The absence of the --namespace flag indicates a desire to install the agent with cluster wide permissions, which will be installed into the openhorizon-agent namespace.
Note: The use of SDO/FDO to install agents in only supported for devices, therefore SDO/FDO install is out of scope for this design.
Node Properties:
A new built-in node property called openhorizon.kubernetesNamespace is introduced, the value reflects the namespace in which the agent is installed. This property is read-only, it is always set by the OH runtime and is not settable by any user role. This property MAY be used in a deployment policy constraint expression.
...
This feature extends the agent install capabilities to include installation of edge cluster agents into a specific kubernetes namespace so that the agent can manage service deployment within that namespace.
There are no changes to how agents are built, packaged or distributed.
- Authoring edge cluster services: Add a note that packaging a namespace definition inside an operator definition is not considered a best practice. Service developers should allow deployers to choose the target namespace in the deployment policy.
- Deploying edge cluster services: Document the new namespace field in the deployment policy. Describe how it's used and how it plays into the algorithm used by the Agbot to determine where edge cluster services are placed.
- Policy: Document the new built-in property openhorizon.kubernetesNamespace for edge node policies.
- Installing edge cluster agent: Document the new --namespace flag in the agent-install script.
...